<?PHP

//session_start();
function md6encode($content, $lock) {

    for ($i = 1; $i <= $lock; $i++) {
        $content = base64_encode($content);
    }

    return $content;
}

$error = "";
$step = "";

if (isset($_GET["step"])) {
    $step = $_GET["step"];
}
if (isset($_GET["error"])) {
    $error = $_GET["error"];
}

if ($error == "1") {
    $error = "Can't connect to the MySQL Server!";
}

if (!$step) {
    $progress = "::::";
} else if ($step == "1") {
    $progress = "::::::::::";
} else if ($step == "2") {
    $progress = "::::::::::::::::::::::::::::::";
} else if ($step == "3") {
    $progress = ":::::::::::::::::::::::::::::::::";
}

include ("install_files/header.php");

if (!isset($_GET["error"])) {
    $php_self = $_SERVER['PHP_SELF'];
}

if (!$step) {
    ?>
    <p class='welcome'>Welcome to ACP installer! Before we begin please make sure you have set permission for this file to 777. You will have to answer couple questions about your system in order to install it properly. If you encounter any problems please contact us at info@idealan.net.</p>
    <form method='POST' action='<?php echo $php_self ?>?step=1'>
        <div class='main'>
            <div class='labels'>
                <label for='db_host'>Database Host:</label><input name='db_host' id='db_host' value='localhost' /><br/>
                <label for='db_user'>Database Username:</label><input name='db_user' id='db_user' value='' /><br />    
                <label for='db_pass'>Database Password:</label><input name='db_pass' id='db_pass' value='' /><br />
                <label for='db_name'>Database Name:</label><input name='db_name' id='db_name' value='acp' /><br />
                <label for='db_pref'>Table Prefix:</label><input name='db_pref' id='db_pref' value='cp' />
            </div>
            <div class='fields'>
                <label for='web_url'>Website URL:</label><input name='web_url' id='web_url' value='http://' /><br/>
                <label for='acp_url'>ACP URL:</label><input name='acp_url' id='acp_url' value='http://' /><br />
            </div>
            <input class='next' type='submit' value='NEXT' />
        </div>
    </form><br/><br/>
    <?php
}; // END FIRST STEP

if ($step == "1") {
    /* -------------- SECOND PART OF THE SETTINGS ------------------ */
    $path_base = exec("pwd");
    $path_addons = "$path_base/addons/";

// GET FIELDS FROM THE FORM
    $db_host = "";
    $db_user = "";
    $db_pass = "";
    $db_name = "";
    $db_pref = "";
    $acp_weburl = "";
    $acp_acpurl = "";
    
    if (isset($_POST["db_host"])) {
        $db_host = $_POST["db_host"];
    }
    if (isset($_POST["db_user"])) {
        $db_user = $_POST["db_user"];
    }
    if (isset($_POST["db_pass"])) {
        $db_pass = $_POST["db_pass"];
    }
    if (isset($_POST["db_name"])) {
        $db_name = $_POST["db_name"];
    }
    if (isset($_POST["db_pref"])) {
        $db_pref = $_POST["db_pref"];
    }

//$_SESSION["host"] = $db_host;
//$_SESSION["user"] = $db_user;
//$_SESSION["pass"] = $db_pass;
//$_SESSION["name"] = $db_name;
//$_SESSION["pref"] = $db_pref;

    if (isset($_POST["web_url"])) {
        $acp_weburl = $_POST["web_url"];
    }
    if (isset($_POST["acp_url"])) {
        $acp_acpurl = $_POST["acp_url"];
    }

    $codeThis = "$db_host|$db_user|$db_pass|$db_name|$db_pref";
    $coded = md6encode($codeThis, 2);

// ADD "_" to the prefix if scpecified.
    if ($db_pref != "") {
        $db_pref = $db_pref . "_";
    }

    $conn = mysql_connect($db_host, $db_user, $db_pass) or header("Location: install.php?error=1");

// LETS MAKE SURE IF $db_name was filled out and we can connect to it.
    if ($db_name == "") {
        // Check it the database exist
        $query = "USE acp";

        // If this query is succesfull, and returns a 1. this means that the database acp can be used.
        // If it returns 'null' then it doesn't exist.
        if (mysql_query($query) == null) {
            //if it doesn't exist we create it and connect to it.
            $query = "CREATE DATABASE acp";
            $result = mysql_query($query, $conn);

            if ($result == 1) {
                // IF RESULT IS 1 WHICH MEANS IT WAS SUCESSFULLY CREATED
                mysql_select_db($db_name, $conn) or die("ERR 1");
            } else {
                echo "Error while creating database (Errornumber " . mysql_errno() . ": \"" . mysql_error() . "\")<br>";
            }
        } else {

            // It already exist so we will connect to it.
            $db_name = "acp";
            mysql_select_db($db_name, $conn) or die("ERR 2");
        }
    } else {
        // Database name was filled out so lets try to connect to it. If unable to connect lets try to create it.
        $query = "USE $db_name";

        // If this query is succesfull, and returns a 1. this means that the database acp can be used.
        // If it returns 'null' then it doesn't exist.
        if (mysql_query($query) == null) {
            //if it doesn't exist we create it and connect to it.
            $query = "CREATE DATABASE $db_name";
            $result = mysql_query($query, $conn);

            if ($result == 1) {
                // IF RESULT IS 1 WHICH MEANS IT WAS SUCESSFULLY CREATED
                mysql_select_db($db_name, $conn) or die("ERR 3");
            } else {

                echo "Error while creating database (Errornumber " . mysql_errno() . ": \"" . mysql_error() . "\")<br>";
            }
        } else {

            // It already exist so we will connect to it.
            mysql_select_db($db_name, $conn) or die("ERR 4");
        }
    } // END CHECKING THE DB CONNECTION
// LETS CREATE A CONFIG.INI FILE AND PUT INFORMATION IN TO IT.
    $filename = './addons/config.ini';


    if (!file_exists($filename)) {
        $FileHandle = fopen($filename, 'w') or die("can't open file");
        fclose($FileHandle);
    }

// Let's make sure the file exists and is writable first.
    if (is_writable($filename)) {

        // In our example we're opening $filename in append mode.
        // The file pointer is at the bottom of the file hence
        // that's where $somecontent will go when we fwrite() it.
        if (!$handle = fopen($filename, 'w')) {
            echo "Cannot open file ($filename)";
            exit;
        }

        // Write $somecontent to our opened file.
        if (fwrite($handle, $coded) === FALSE) {
            echo "Cannot write to file ($filename)";
            exit;
        }

        fclose($handle);
    } else {
        echo "The file $filename is not writable";
    }

// WE ARE GOING TO CREATE SETTINGS TABLE AND INSERT FIRST SETTINGS

    /* --------- SETTINGS TABLE -------- */
    $db_pref = mysql_escape_string($db_pref);
    $check_table = "SHOW TABLES LIKE '" . $db_pref . "settings'";
    $exe_checktable = mysql_num_rows(mysql_query($check_table));

    if ($exe_checktable == 0) {

        $table_settings = "CREATE TABLE `" . $db_pref . "settings` (`conf_id` SMALLINT(5) NULL, `conf_weburl` VARCHAR( 100 ) NULL ,`conf_acpurl` VARCHAR( 100 ) NULL, `conf_bpath` VARCHAR(100) NULL, `conf_apath` VARCHAR(100) NULL, `conf_mpath` VARCHAR(100) NULL, `conf_tpath` VARCHAR(100) NULL, `conf_passmin` VARCHAR(10) NULL, `conf_passmax` VARCHAR(10) NULL, `conf_timeout` VARCHAR(10) NULL,`conf_alin` SMALLINT(4) NULL, `conf_alou` SMALLINT(4) NULL, `conf_shosid` SMALLINT(4) NOT NULL DEFAULT '2') ENGINE = MYISAM";
        $create_table = mysql_query($table_settings);

        /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
        if ($create_table == NULL) {
            echo "CREATEING TABLE: <i><b>TODO</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
        }

        $default_settings = "INSERT INTO  `" . $db_pref . "settings` (`conf_id`,`conf_weburl`,`conf_acpurl`) VALUES ('1','0','0')";
        $insert = mysql_query($default_settings);
    }


    /* --------- INSERT SETTINGS IN TO THE TABLE -------- */
    $insert_settings = "UPDATE `" . $db_pref . "settings` SET `conf_weburl` = '$acp_weburl', `conf_acpurl` = '$acp_acpurl' WHERE `conf_id` = '1'";
    $insert = mysql_query($insert_settings);


    ?>
<p class='welcome'>Please answer this few questions, next step is cleanup.</p>
<form method='POST' action='install.php?step=2'>
<div class='main'>
	<div class='labels'>
	<label for='path_base'>ACP Basepath:</label><input name='path_base' id='path_base' value='<?php echo $path_base ?>/' /><br/>
    	<label for='path_addons'>Addons Path:</label><input name='path_addons' id='path_addons' value='<?php echo $path_addons ?>' /><br />    
    	<label for='path_modules'>Modules Path:</label><input name='path_modules' id='path_modules' value='<?php echo $path_base ?>/members/inc/modules/' /><br />
    	<label for='path_temp'>Temp Path:</label><input name='path_temp' id='path_temp' value='<?php echo $path_base ?>/members/temp/' /><br />
    </div>
    <div class='fields'>
    	<label for='pass_min'>Password Min. Chars.:</label><input name='pass_min' id='pass_min' value='4' /><br/>
    	<label for='pass_max'>Password Max. Chars.:</label><input name='pass_max' id='pass_max' value='10' /><br />
    	<label for='timeout'>Default Logout Time:</label><select name='timeout' id='timeout'><option value='0'> USER DEFINED </option><option value='20'>20 MINUTES</option><option value='30'>30 MINUTES</option></select>
    </div>
    <input class='next' type='submit' value='NEXT' />
</div>
</form><br/><br/>
<?php
}; // END SECOND STEP
if ($step == "2") {

    $conf_bpathN = "";
    $conf_apathN = "";
    $conf_mpathN = "";
    $conf_tpathN = "";
    $conf_pminN = "";
    $conf_pmaxN = "";
    $conf_toutN = "";
    
    if (isset($_POST["path_base"])) {
        $conf_bpathN = $_POST["path_base"];
    }
    if (isset($_POST["path_addons"])) {
        $conf_apathN = $_POST["path_addons"];
    }
    if (isset($_POST["path_modules"])) {
        $conf_mpathN = $_POST["path_modules"];
    }
    if (isset($_POST["path_temp"])) {
        $conf_tpathN = $_POST["path_temp"];
    }
    if (isset($_POST["pass_min"])) {
        $conf_pminN = $_POST["pass_min"];
    }
    if (isset($_POST["pass_max"])) {
        $conf_pmaxN = $_POST["pass_max"];
    }
    if (isset($_POST["timeout"])) {
        $conf_toutN = $_POST["timeout"];
    }

    if($conf_bpathN=="/") {
       $conf_bpathN = "" ;
    }
    include "$conf_bpathN/config.php";

    $DBprefix = mysql_escape_string($DBprefix);
    $conf_bpathN = mysql_escape_string($conf_bpathN);
    $conf_apathN = mysql_escape_string($conf_apathN);
    $conf_mpathN = mysql_escape_string($conf_mpathN);
    $conf_tpathN = mysql_escape_string($conf_tpathN);
    $conf_pminN = mysql_escape_string($conf_pminN);
    $conf_pmaxN = mysql_escape_string($conf_pmaxN);
    $conf_toutN = mysql_escape_string($conf_toutN);
    
    $insert_settings = "UPDATE `" . $DBprefix . "settings` SET `conf_bpath` = '$conf_bpathN', `conf_apath` = '$conf_apathN', `conf_mpath` = '$conf_mpathN', `conf_tpath` = '$conf_tpathN', `conf_passmin` = '$conf_pminN', `conf_passmax` = '$conf_pmaxN', `conf_timeout` = '$conf_toutN' WHERE `conf_id` = '1'";
    $insert = mysql_query($insert_settings);

// CREATING AND TABLES AND INSERTING INFORMATIONS

    /*     * ** CREATE ACCESS TABLE *** */
    $table_access = "CREATE TABLE `" . $DBprefix . "access` (
 `userid` smallint(5) NOT NULL,
 `pageid` smallint(5) NOT NULL,
 `permission` smallint(5) NOT NULL default '0',
  KEY userid (userid))";

    /* ---------- LET'S CREATE THE TABLE ---------- */
    $create1 = mysql_query($table_access);

    /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
    if ($create1 == 1) {
        echo "CREATING TABLE: <i><b>ACCESS</b></i>........ <font color='#66FF00'><b>OK!</b></font> <br />";
    } else {
        echo "CREATEING TABLE: <i><b>ACCESS</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
    }

    /*     * ** CREATE ACCESS PAGES TABLE *** */
    $table_access_pages = "CREATE TABLE `" . $DBprefix . "access_pages` (
  `pageid` smallint(5) NOT NULL auto_increment,
  `pagename` varchar(50) NOT NULL,
  `pagesub` varchar(50) NOT NULL,
  `pageperm` smallint(5) NOT NULL default '1',
  PRIMARY KEY  (pageid))";

    /* ---------- LET'S CREATE THE TABLE ---------- */
    $create2 = mysql_query($table_access_pages);

    /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
    if ($create2 == 1) {
        echo "CREATEING TABLE: <i><b>ACCESS PAGES</b></i>........ <font color='#66FF00'><b>OK!</b></font> <br />";
    } else {
        echo "CREATEING TABLE: <i><b>ACCESS PAGES</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
    }

    /*     * ** CREATE USER TABLE *** */
    $table_logs = "CREATE TABLE `" . $DBprefix . "logs` (
  `log_id` int(10) NOT NULL auto_increment,
  `log_action` varchar(50) NOT NULL default '',
  `log_userid` smallint(5) NOT NULL default '0',
  `log_page_to` varchar(150) NOT NULL default '',
  `log_page_from` varchar(150) NOT NULL default '',
  `log_ip` varchar(15) NOT NULL default '',
  `log_date` int(50) NOT NULL default '0',
  `log_indate` int(50) NOT NULL default '0',
  `log_outdate` int(50) NOT NULL default '0',
  `log_status` varchar(50) NOT NULL default 'ACTIVE',
  `log_errmsg` varchar(255) NOT NULL default '',
  `log_sesexp` int(50) NOT NULL,
  `log_sesid` varchar(32) NOT NULL default '',
  UNIQUE KEY log_id (log_id))";

    /* ---------- LET'S CREATE THE TABLE ---------- */
    $create3 = mysql_query($table_logs);

    /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
    if ($create3 == 1) {
        echo "CREATEING TABLE: <i><b>LOGS</b></i>........ <font color='#66FF00'><b>OK!</b></font> <br />";
    } else {
        echo "CREATEING TABLE: <i><b>LOGS</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
    }

    /*     * ** CREATE USER TABLE *** */
    $table_signup = "CREATE TABLE `" . $DBprefix . "signup` (
  `user_id` smallint(5) NOT NULL auto_increment,
  `user_fname` varchar(50) default NULL,
  `user_lname` varchar(50) default NULL,
  `user_phone` varchar(50) default NULL,
  `user_name` varchar(30) default NULL,
  `user_pass` varchar(32) default NULL,
  `user_email` varchar(32) default NULL,
  `user_actnum` varchar(32) default NULL,
  `user_level` tinyint(4) default NULL,
  `user_adddate` varchar(20) default NULL,
  `user_lastlogin` varchar(20) default NULL,
  `user_logindns` varchar(50) default NULL,
  `user_loginfail` varchar(20) default NULL,
  `user_numloginfail` tinyint(4) default NULL,
  `user_set_timeout` varchar(10) NOT NULL default '1200',
  `user_set_lock` smallint(2) NOT NULL default '0',
  PRIMARY KEY  (user_id))";

    /* ---------- LET'S CREATE THE TABLE ---------- */
    $create4 = mysql_query($table_signup);

    /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
    if ($create4 == 1) {
        echo "CREATING TABLE: <i><b>SIGNUP</b></i>........ <font color='#66FF00'><b>OK!</b></font> <br />";
    } else {
        echo "CREATEING TABLE: <i><b>SIGNUP</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
    }


    /*     * ** CREATE MODULE TABLE *** */
    $table_modules = "CREATE TABLE `" . $DBprefix . "modules` (
  `mod_id` smallint(5) default NULL,
  `mod_name` varchar(50) default NULL,
  `mod_location` varchar(50) default NULL,
  `mod_ver` varchar(10) default NULL,
  `mod_lud` varchar(20) default NULL,
  INDEX (`mod_id`))";

    /* ---------- LET'S CREATE THE TABLE ---------- */
    $create5 = mysql_query($table_modules);

    /* LET'S DISPLAY RESULTS FROM CREATEING TABLE */
    if ($create5 == 1) {
        echo "CREATING TABLE: <i><b>MODULES</b></i>........ <font color='#66FF00'><b>OK!</b></font> <br />";
    } else {
        echo "CREATEING TABLE: <i><b>MODULES</b></i>........ <font color='#FF0000'><b>ERROR!</b></font> " . mysql_errno() . " - " . mysql_error() . "<br />";
    }


    ?>
<p class='welcome'>All base tables have been created successfully, now we need to get the login info and complete the installation.</p>
<form method='POST' action='<?php echo $php_self ?>?step=3'>
<div class='main'>
	<div class='labels'>
		<label for='user_uname'>Username:</label><input name='user_uname' id='user_name' value='admin' readonly /><br/>
    	<label for='user_pass'>Password:</label><input type='text' name='user_pass' id='user_pass' value='' /><br />    
    	<label for='user_phone'>Phone #:</label><input name='user_phone' id='user_phone' value='' /><br />
    	<label for='user_email'>E-mail:</label><input name='user_email' id='user_email' value='' /><br />
    </div>
    <div class='fields'>
    	<label for='user_fname'>First Name:</label><input name='user_fname' id='user_fname' value='' /><br/>
    	<label for='user_lname'>Last Name:</label><input name='user_lname' id='user_lname' value='' /><br />
    </div>
    <input class='next' type='submit' value='SUBMIT' />
</div>
</form><br/><br/>
<?php
} // END FOURTH STEP


if ($step == "3") {

    $user_uname = "";
    $user_pass = "";
    $user_phone = "";
    $user_email = "";
    $user_fname = "";
    $user_lname = "";
    
    if (isset($_POST["user_uname"])) {
        $user_uname = $_POST["user_uname"];
    }
    if (isset($_POST["user_pass"])) {
        $user_pass = md5($_POST["user_pass"]);
    }
    if (isset($_POST["user_phone"])) {
        $user_phone = $_POST["user_phone"];
    }
    if (isset($_POST["user_email"])) {
        $user_email = $_POST["user_email"];
    }
    if (isset($_POST["user_fname"])) {
        $user_fname = $_POST["user_fname"];
    }
    if (isset($_POST["user_lname"])) {
        $user_lname = $_POST["user_lname"];
    }

    include_once "./config.php";


    $add_admin = "INSERT INTO `" . $DBprefix . "signup` (`user_id` ,`user_fname` ,`user_lname` ,`user_phone` ,`user_name` ,`user_pass` ,`user_email` ,`user_actnum` ,`user_level` ,`user_adddate` ,`user_lastlogin` ,`user_logindns` ,`user_loginfail` ,`user_numloginfail` ,`user_set_timeout` ,`user_set_lock`) VALUES ('1', '$user_fname','$user_lname' , '$user_phone', '$user_uname', '$user_pass', '$user_email', '0', '5', UNIX_TIMESTAMP( ) , UNIX_TIMESTAMP( ) , 'office.idealan.net', UNIX_TIMESTAMP( ) , '0', '1200', '0'
)";
    $create7 = mysql_query($add_admin);

   ?>
    <p class='welcome'>So this is it omg how much more shit will i put in it. hope it works. CHEERS MATE!<BR /><BR /><BR />
    <a href='#' onClick='redirect()'>LOGIN</a>
    </p>

<?php
} // END FINAL STEP


include ("install_files/footer.php");
?>
